From ef48f1bfb3df6c777253bc1732b542541ae9f427 Mon Sep 17 00:00:00 2001 From: Zefir Kurtisi Date: Mon, 29 Apr 2019 11:00:02 +0200 Subject: [PATCH] Ensure authenticator session timer is applied with wired driver We use the wired driver for wired port authentication with a slight extension to add the port into a bridge upon successful authentication and to remove it from the bridge when the session terminates. Our expectation was that the Session-Timeout configuration at the RADIUS server is respected, i.e. the session is terminated and would need re-authentication - like it is working for WLAN sessions over the nl80211 driver. Alas, it turned out the session is not terminated with the wired driver. It turned out that when ap_handle_session_timer() is executed, the sta->flags of the wired port has only the WLAN_STA_AUTHORIZED bit set. The WLAN_STA_AUTH bit, which is used to check whether the STA needs to be de-authenticated, is missing. Extend the check for any of the WLAN_STA_(AUTH | ASSOC | AUTHORIZED) bits to solve this issue with the wired driver. That should not have any side-effect for the WLAN cases since WLAN_STA_AUTH is expected to always be set for those when there is an ongoing session and separate checks for ASSOC and AUTHORIZED don't change this. Signed-off-by: Zefir Kurtisi --- src/ap/sta_info.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c index cbb8752ea..25bf46722 100644 --- a/src/ap/sta_info.c +++ b/src/ap/sta_info.c @@ -586,7 +586,8 @@ static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); - if (!(sta->flags & WLAN_STA_AUTH)) { + if (!(sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC | + WLAN_STA_AUTHORIZED))) { if (sta->flags & WLAN_STA_GAS) { wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " "entry " MACSTR, MAC2STR(sta->addr));